Tighten user linking

backend/src/main/java/com/petshop/backend/service/CustomerService.java

@@ -52,6 +52,8 @@ public class CustomerService {
 
     @Transactional
     public CustomerResponse createCustomer(CustomerRequest request) {
+        ensureEmailAvailable(request.getEmail(), null);
+
         Customer customer = new Customer();
         customer.setFirstName(request.getFirstName());
         customer.setLastName(request.getLastName());
@@ -78,6 +80,8 @@ public class CustomerService {
         Customer customer = customerRepository.findById(id)
                 .orElseThrow(() -> new ResourceNotFoundException("Customer not found with id: " + id));
 
+        ensureEmailAvailable(request.getEmail(), customer.getUserId());
+
         customer.setFirstName(request.getFirstName());
         customer.setLastName(request.getLastName());
         customer.setEmail(request.getEmail());
@@ -142,4 +146,16 @@ public class CustomerService {
     private String generatePhone(Customer customer) {
         return String.format("200-000-%04d", customer.getCustomerId());
     }
+
+    private void ensureEmailAvailable(String email, Long currentUserId) {
+        if (email == null || email.isBlank()) {
+            return;
+        }
+
+        userRepository.findByEmail(email).ifPresent(existing -> {
+            if (currentUserId == null || !existing.getId().equals(currentUserId)) {
+                throw new ResponseStatusException(CONFLICT, "Email already exists");
+            }
+        });
+    }
 }